Professional Windows Server 1002003 Security A Technical Reference [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

Professional Windows Server 1002003 Security A Technical Reference [Electronic resources] - نسخه متنی

Roberta Bragg

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید

Sitemap

Windows Server 2003 Security: A Technical Reference

Table of Contents

Copyright

Praise for Windows Server 2003 Security

Acknowledgments

About the Author

About the Technical Editor

Preface

Should You Buy This Book?

What's Inside and What's Not

An Unusual Approach to Production

Bibliography

Part I: Security Basics

Chapter 1. Principles of Information Security

Principle Number One: There Is No Such Thing as a Secure Computer

Classic Security Principles: Confidentiality, Integrity, and Accounting

Corollaries: Principles That Spring from the Classics

Part II: Securing the Server Itself

Chapter 2. Authentication: Proof of Identity

Logon Process

Network Authentication Processes

Windows Time Service

Computer Accounts and Authentication Controls

Anonymous Access

Authentication Management via Group Policy

Forest and Interforest Authentication

Best Practices for Securing Authentication

Summary

Chapter 3. Authorization-Limiting System Access and Controlling User Behavior

Windows Security Architecture and the Authorization Process

Rights, Privileges, and Permissions

Using Object Permissions to Control Access

Rule-Based Versus Role-Based Access Control Systems

Default Operating System User Roles

Creating Custom Roles

Creating Custom Group Roles

The Access Control Process

Authorization Using Security Options and Registry Settings

Computer Roles

Anonymous Access

Protect the Account Database with Syskey

Summary

Chapter 4. Restricting Access to Software; Restricting Software's Access to Resources

Authorization Manager Framework

Software Restriction Policies

Securing COM, COM+, and DCOM Applications Using Component Services

Summary

Chapter 5. Controlling Access to Data

Controlling Access to Files and Folders Using NTFS Permissions

Controlling Access to Shares

Controlling Access to Web Folders Using WebDAV

Controlling Access to Registry Keys

Practical Deployment Issues

Summary

Chapter 6. EFS Basics

What Is the Encrypting File System?

Implementation Differences Between Windows Versions

Basic Operations

Effect of Normal Operations on Encrypted Files

EFS Architecture

Avoiding Data Loss-Planning for Recovery

Special Operations and Issues

Remote Storage

Sound Enterprise Strategies

Tools

Troubleshooting

Summary

Part III: Securing Domain Services

Chapter 7. Active Directory's Role in Domain Security

Active Directory and Security

Active Directory: Organization, Structure, and Function

Active Directory Installation: Changes During dcpromo

Managing Computers and Users Using Active Directory

Group Policy Tools

Difference in Managing Windows 2000 GPOs

Best Practices for Group Policy

Summary

Chapter 8. Trust

New Trust Features in Windows Server 2003

Trust Types

Trust Relationships

External Trust Creation Procedures

Forest Trust

Group Policy in Forest and Multiforest Scenarios

Piercing Security Boundaries-The Ultimate Forest Design Issue

Best Practices for Trusts

Summary

Chapter 9. Troubleshooting Group Policy

Determining If the Policy Has Been Applied

Determine If the Group Policy Design Is Correctly Implemented

Troubleshooting Networking Problems

Troubleshooting Active Directory and FRS Replication

Troubleshooting Group Policy Object Design

Monitor GPO Health

Summary

Chapter 10. Securing Active Directory

Physically Secure Domain Controllers

Establish Security Configuration

Additional Security Configuration

Establish Secure Administration Practices

Deploying Secure Domain Controllers

Summary

Chapter 11. Securing Infrastructure Roles

Security Templates

How to Use Security Templates to Secure Computers by Role

Apply Security Templates

Summary

Part IV: Public Key Infrastructure

Chapter 12. PKI Basics

Introduction to PKI

PKI Architecture in Windows Server 2003

Certificate Services Processing

Summary

Chapter 13. Implementing a Secure PKI

Install an Offline Root CA

Install and Configure a Subordinate CA

Use Custom Templates to Configure Key Archival for EFS

Summary

Part V: Securing the Virtual Network

Chapter 14. Securing Remote Access

Securing Traditional Remote Access Portals

Securing Wireless Access Using IAS

Securing Web ServerBased Access to Internal Resources

Summary

Chapter 15. Protecting Data in Flight

Use Server Message Block Signing

Use Session Security for NTLM

Use Internet Protocol Security Policies

Use Secure Sockets Layer

Use LDAP Server Signing

Summary

Part VI: Maintenance and Recovery

Chapter 16. Maintenance Strategies and Administrative Practices

Maintenance Strategies for Change Management

Maintenance Strategies for Patch Management

Management Practices

Summary

Chapter 17. Basics of Data Backup and Restore

Backup Policy, Standards, and Procedures

How to Use Ntbackup

Automated Systems Recovery

Volume Shadow Copy Service

Miscellaneous Backup Tools

Reanimating Users from the Deleted Objects Store

Active Directory Restore

IIS Backup Process

Certification Authority Backup

Summary

Part VII: Monitoring and Audit

Chapter 18. Auditing

Establishing a Windows Server 2003 Audit Policy for the Forest

Auditing the Standalone Windows Server 2003 Computer

Auditing Server Applications and Services

Auditing Security Controls: Policy Compliance, Vulnerability Assessment, and Pen Testing

Auditing Physical Security

Auditing Policy, Standards, and Procedures

Reviewing Security Awareness

Auditing Outsiders: The Impact of Others on Your Organization's Information Security

Summary

Chapter 19. Monitoring and Assessment

Establish Baselines

Monitor Basic Services

Monitor Active Directory and Group Policy

Monitor Event Logs

Introduction to Incident Response

Summary

Index

index_SYMBOL

index_A

index_B

index_C

index_D

index_E

index_F

index_G

index_H

index_I

index_J

index_K

index_L

index_M

index_N

index_O

index_P

index_Q

index_R

index_S

index_T

index_U

index_V

index_W

index_X

index_Z

/ 194